Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Design and deploy secure cloud infrastructure while implementing DevSecOps practices.
- Company: NewDay helps people move forward with credit and values diversity in the workplace.
- Benefits: Enjoy a competitive salary, bonus opportunities, 26 days holiday, and flexible hybrid working.
- Why this job: Join a culture that sparks innovation and supports your career development in cloud security.
- Qualifications: 5 years in security engineering, hands-on experience with IaC, and knowledge of major cloud providers.
- Other info: We encourage applicants who may not meet all requirements but are passionate about cloud security.
The predicted salary is between 43200 - 72000 £ per year.
Permanent Full Time role in Information Technology, Information Security.
Located in London – Hybrid.
Senior Cloud Security Engineer
Your new role at NewDay
As a Senior Cloud Security Engineer at NewDay, you will work with internal engineering teams, helping them implement DevSecOps practices. You will design, build, and deploy secure infrastructure using IaC tools. In addition, you will develop high-quality technical content such as reusable modules, templates, custom workflows, automation tools, reference architectures, and guidelines to create a paved security road for engineering teams. You will also solve security challenges and reduce bottlenecks, preventing faster deployments.
- Security Control Automation: Design, deploy, and automate security measures in complex Cloud environments using tools like Bicep, Terraform, and Plum.
- Cloud Security Tooling: Develop and embed Cloud-native security solutions, leveraging experience in threat modelling and architectural reviews to strengthen security frameworks.
- Security Reviews: Offer guidance, conduct reviews, and raise awareness on Cloud security for Engineering teams, ensuring adherence to standards such as PCI-DSS, & CIS benchmarks.
- Incident Response: Collaborate with the Security Operations team to respond to major Cloud incidents and threats.
- Support, Compliance, and Advocacy: Assist with risk and compliance initiatives, optimise Cloud costs, identify platform enhancements, and champion Cloud security across the organisation.
What you’ll bring
We need knowledge, experience + expertise in:
- 5 years experience in security engineering, cloud security or DevSecOps
- Hands-on experience building secure infrastructure using Infrastructure as Code
- At least one high-level programming language such as Python, C#, or Java
- Strong hands-on experience working with major cloud providers (Azure, AWS or GCP)
- Working knowledge of CI/CD such as GitHub Actions, AzureDevOps, Jenkins
And would love you to know or learn:
- Threat modelling of cloud infrastructure
- Securing and hardening CI/CD pipelines
- Pulumi, Terraform, or Bicep
- Compliance as Code tooling such as Azure Policy, AWS SCPs
- Understanding of PCI-DSS, and other security frameworks
Where next?
We encourage you to apply even if you feel that you don’t meet all the listed requirements and capabilities listed for the role. If you are passionate about the role and feel that you can help us secure our cloud infrastructure we would love to hear from you.
About NewDay
We help people move forward with credit and help our colleagues to move their careers forward too.
At NewDay, we value all types of diversity. We’re an equal opportunity employer and believe that our differences create a vibrant, authentic working culture. We want all our colleagues to feel able to bring their whole selves to work. We don’t discriminate on the basis of age, physical or mental disability, gender reassignment, marriage and civil partnership, pregnancy and carer status, race (including colour, nationality, and ethnic or national origin), religion or belief, sex and sexual orientation. We make sure that every job is crafted to be inclusive and that people with disabilities or caring responsibilities can take part in the application and interview process. Tell us if you need accommodations: we’ll put reasonable adjustments in place to support you.
We’re focused on what will drive impact in helping people move forward with credit. Our distinctive culture is geared to spark innovation and team working – with lots of open doors for development. Our customers can rely on us because we aim high, support each other, do the right thing and build for the future.
We invest in our colleagues. On top of a strong market competitive salary, you get a bonus opportunity that matches the impact (delivery + values) you drive in your role. We also help you retire better with market leading pensions.
At NewDay, #yourwellbeing matters: You get 26 days holiday and can buy up to 5 more after probation. Then you’ll get extra days as you build your career with us.
NewWork, our flexible, hybrid working approach, helps you to manage your work/life balance – and even bolt on work time in other countries before or after your holiday. And when you’re in the office, you get free healthy breakfast, fresh juices, lunch, barista coffee etc.
Ask your Talent Acquisition Partner to tell you more about any of our perks.
#J-18808-Ljbffr
Senior Cloud Security Engineer employer: NewDay Ltd
Contact Detail:
NewDay Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Cloud Security Engineer
✨Tip Number 1
Familiarize yourself with the specific tools mentioned in the job description, such as Bicep, Terraform, and CI/CD platforms like GitHub Actions or AzureDevOps. Having hands-on experience with these tools will not only boost your confidence but also demonstrate your readiness to tackle the responsibilities of the role.
✨Tip Number 2
Engage with online communities or forums focused on cloud security and DevSecOps. Networking with professionals in the field can provide you with insights into current trends and challenges, which you can discuss during interviews to showcase your passion and knowledge.
✨Tip Number 3
Prepare to discuss real-world scenarios where you've implemented security measures in cloud environments. Be ready to share specific examples of how you’ve solved security challenges or optimized processes, as this will highlight your practical experience and problem-solving skills.
✨Tip Number 4
Stay updated on compliance standards like PCI-DSS and CIS benchmarks. Understanding these frameworks will not only help you in the role but also show your commitment to maintaining high security standards, which is crucial for the position.
We think you need these skills to ace Senior Cloud Security Engineer
Some tips for your application 🫡
Understand the Role: Make sure to thoroughly read the job description for the Senior Cloud Security Engineer position. Highlight key responsibilities and required skills, and think about how your experience aligns with these.
Tailor Your CV: Customize your CV to reflect relevant experience in security engineering, cloud security, and DevSecOps. Emphasize hands-on experience with Infrastructure as Code and any programming languages you are proficient in.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for cloud security and your ability to solve security challenges. Mention specific tools and frameworks you have worked with, and how you can contribute to NewDay's goals.
Highlight Soft Skills: In addition to technical skills, emphasize your ability to collaborate with engineering teams and communicate complex security concepts. This is crucial for the role, as it involves guiding and raising awareness among teams.
How to prepare for a job interview at NewDay Ltd
✨Showcase Your DevSecOps Knowledge
Be prepared to discuss your experience with DevSecOps practices. Highlight specific projects where you implemented security measures in the development lifecycle, and how you collaborated with engineering teams to enhance security.
✨Demonstrate Infrastructure as Code Expertise
Since the role involves designing and deploying secure infrastructure using IaC tools, be ready to share examples of your hands-on experience with tools like Terraform or Bicep. Discuss any challenges you faced and how you overcame them.
✨Discuss Cloud Security Frameworks
Familiarize yourself with security standards such as PCI-DSS and CIS benchmarks. Be prepared to explain how you've ensured compliance in previous roles and how you would advocate for these standards within the organization.
✨Prepare for Incident Response Scenarios
Expect questions about your experience with incident response in cloud environments. Share specific incidents you managed, the steps you took to resolve them, and how you collaborated with security operations teams.
